Cisco – Source-based routing on Cisco 3750 switch

cisco routing switch

I have this Cisco 3750 switch which handles many VLANs. It has an IP interface on some of them, and it does routing for those computers connected to those VLANs which use the switch's IP addresses as their default gateway.

The switch has a default gateway, too; this is needed because one of those VLANs is connected to an Internet router, so every outgoing connection which is not directed to any specific internal subnet needs to go there.

The switch itself also has another IP address, which we use for management; this address is attached to one of the VLANs. Traffic from/to this address needs to go through another route.

The question: I want any outgoing IP connection which comes from the switch to go through a different route than its default gateway. But this should only apply to packets which originate from the switch itself; those packets which come from any device connected to any VLAN on the switch should go through the default route.

Source-based routing is what I need here; i.e. I want a static route which only applies to packets originating from the switch itself.

Can this be done on a Cisco 3750 switch?

How?


Edit: why I want this

This is a test environment, where the default gateway is a Linux firewall which at any given time might be down; our workstations are on the other side of this firewall, and there's also some other routing in the middle.
The switch has a management IP on a subnet which is linked to our main network, where a gateway could allow it to talk with us without going through its default gateway.
And of course we don't want to lose connectivity to the switch if the test area is not fully working.
But, at the same time, the switch's default gateway has to be that one, because the switch itself also acts as a router for the (many) subnets which form this test area.
So I need to route through an alternate gateway all the traffic that comes from the switch, but only it.


Edit: show version

Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(25)SEE1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Mon 22-May-06 08:51 by yenanh
Image text-base: 0x00003000, data-base: 0x01026AEC

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(25r)SEC, RELEASE SOFTWARE (fc4)

SW-TEST uptime is 5 weeks, 1 day, 16 hours, 22 minutes
System returned to ROM by power-on
System image file is "flash:c3750-ipbasek9-mz.122-25.SEE1/c3750-ipbasek9-mz.122-25.SEE1.bin"

Best Answer

If you want to direct or tag the traffic originating from the switch or router (will work on IPBASE), I'm guessing you already succeeded, but if not:

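conf t
! standard ACL 1: match every source address
access-list 1 permit any
route-map pbr permit 10
 match ip address 1
 set ip next-hop 3.3.3.3
exit
! apply the route-map to locally generated packets (global configuration)
ip local policy route-map pbr
end
wr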

Note that ip local policy is specified in global configuration, not under an interface. And you might want to have a more detailed ACL.

This is only for traffic that originates from the device, not traffic that passes through it.
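
One form the "more detailed ACL" mentioned in the answer could take, as an added example that is not part of the original answer: only packets sourced from the management address are policy-routed, and destinations the switch already reaches directly stay on the normal routing table. All addresses (documentation ranges) and the ACL name MGMT-LOCAL are constructed assumptions, not values from the question.

```ios
! Constructed addresses, not from the original post:
!   192.0.2.10       management SVI address of the switch
!   192.0.2.1        alternate gateway on the management subnet
!   198.51.100.0/24  one internal subnet the switch routes for
conf t
ip access-list extended MGMT-LOCAL
 ! an ACL deny inside a permit route-map clause means "do not
 ! policy-route": the packet falls back to the normal routing table
 deny   ip any 192.0.2.0 0.0.0.255
 deny   ip any 198.51.100.0 0.0.0.255
 ! everything else the switch sources from its management address
 permit ip host 192.0.2.10 any
route-map pbr permit 10
 match ip address MGMT-LOCAL
 set ip next-hop 192.0.2.1
exit
ip local policy route-map pbr
end
! confirm the policy is attached and watch the match counters
show ip local policy
show route-map pbr
```

Replies to management sessions are sourced from the management address and match this ACL. Switch-initiated services take their source address from the egress interface unless pinned (for example with `logging source-interface` or `ntp source`), so pin them to the management VLAN if they should follow the alternate gateway too.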